TO ALL WHOM IT MAY CONCERN: 



Attorney Docket No, 931XX 



Be it known that I ROBERT BEACH, a citizen of the United States, residing in 
Los Altos, California, whose post office address is 1850 Middleton Avenue, Los Altos, 
California 94204 respectively, have invented an improvement in 

SECURITY IN MULTIPLE WIRELESS LOCAL AREA NETWORKS 

of which the following is a 

SPECIFICATION 
REFERENCE TO PRIOR APPLICATION 
This application is a continuation-in-part of pending application Serial No. 09/780,741, filed 
February 9, 2001, which is a continuation-in-part of pending application Serial No. 09/528,697, 
filed March 17, 2000. 

BACKGROUND OF INVENTION 

This invention relates to wireless data communications networks, and in particular 
to arrangements for commimications between mobile data handling units and a central computer 
using wireless data communications. 

The assignee of the present invention supplies a wireless data communications system 
known as the Spectrum 24 System, which follows the radio data communications protocol of 
IEEE Standard 802. 11 . In the system as implemented, mobile units are in data communication 
with a central computer through access points. The access points may communicate with a 
central computer or computers over a wired network. Each of the mobile units associates itself 



witla. one of the access points. The access points in this system are functional to perform all the 
implemented requirements of the standard protocol, including, association and roaming 
functions, packet formulation and parsing, packet fragmentation and re-assembly encryption and 
system access control. In order to maintain order and reduce radio communications each access 
point must determine which of the data communications received over the wired network from 
the central computer is destined for a mobile unit associated with that particular access point 
This requirement adds significant computational capacity to the access point, increasing the cost 
thereof 

In addition, in applications that must support a high volume of data commxmications from 
multiple users, such as systems supporting a self-service shopping system, hospital systems, 
systems that include paging or voice data links to many users, or systems supporting 
conmiunicating with electronic shelf labels, additional access points are required to support the 
data communications traffic, increasing the overall system cost 

The cost of an operational access point is dependent not only on the complexity thereof 
and the requirement for high speed processing of data pockets for purposes of selecting those 
destined for mobile units associated with an access point, but the additional cost of the 
installation of electrical power to the location of the access point, and the cost of a power supply 
to convert AC electrical power to DC power for the circuits of the access point Further cost may 
be involved in physically moimting the access point hardware and antenna. 

In prior systems each access point is connected on an ElJiemet wired network to the 
central computer. The access points are required to determine the identity of mobile units which 
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have become associated with them and to extract from the data packets on the Ethernet network 
those packets addressed to a mobile unit associated with the access point This requirement has 
led to significant processing burden for the access points and led to increased cost for the access 
points. 

In the system described in my prior published International Patent Application WO 099 
37047, published July 22, 1999, the central computer communicates over an Ethernet wired 
network with an intelligent switching hub. Alternately a token ring network can be used. The 
switching hub determines the destination of each packet and routes packets to an access point if 
the destination of the packet is a mobile unit associated with the access point. To achieve this 
function, the hub is an intelligent hub which maintains a routing list of mobile units and their 
associated access point according to the port of the hub. 

In practice, the hub need only maintain a source list for those access points coimected to 
the hub and mobile units associated with the access points connected to the hub. Thus, if a 
packet is received at a hub over the Ethernet with a destination address which is not associated 
with that hub, the packet is ignored. The hub will route the packet to an access point only if the 
destination address of the packet is identified on the list. When a packet is received on a hub port 
associated with a communications line cormected to an access point, the source address is 
associated with the hub port in the list. The packet is routed either to flie Ethernet coimection or 
to another port according to the destination address. 

By determining destination address in the hub and maintaining the association of a mobile 
unit address with an access point connected to a port of the hub in a routing list of the hub, the 



functionality required of the access points is greatly reduced. The access point acts merely as a 
conduit sending RF transmissions of packets received on its communication line, and receiving 
transmissions from associated mobile units and providing Ethernet packets to the hub. In 
addition, the access pomt must provide mobile unit association functions and other 802.1 1 
protocol functions, as provided in the Spectrum 24 system, and may also provide proxy polling 
responses for associated mobile units that are in power saving mode. 

The prior system may have a large number of access points, each with a memory 
containing program instructions for carrying out the various reqmred functions. This distribution 
of processing makes it difficult to upgrade a system or to provide changes in system 
configuration because any upgrade or change may require changes to the program code in each of 
the access points. Such distribution of processing functions also makes system management 
functions, such as load balancing or access control more difficult. 

It is therefore an object of the present invention to provide an improved wireless data 
communications methods and systems having lower cost, to enable the economical provision of 
reliable wireless data communications with mcreased capacity in complex installations or at 
reasonable cost or simple installations. 

SUMMARY OF THE INVENTTON 

In accordance with the mvention there is provided a sj^tem for providing 
wireless data communications between mobile units and a wked network. The system includes 
a plurality of RF ports having at least one data interface and arranged to receive formatted data 
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signals at the data interface and transmit corresponding RF data signals and arranged to receive 
RF data signals and provide corresponding formatted data signal. There is also provided at least 
one cell controller, arranged to receive data signals from the wired network and to provide 
formatted data signals corresponding thereto and to receive formatted data signals and to provide 
data signals corresponding thereto to the wired network, the cell controller controls association of 
mobile units with one of the RF ports, provides formatted data signals for said mobile units to an 
associated RF port and receives formatted data signals from the mobile unit from the associated 
i RFport. 

^ In accordance with the invention there is provided an improvement in a wireless 

lu, 

yj data communications network coupled to a data processing system, having a phirality of RF ports 
i^, and mobae units, wherein the mobile units associate with one of the RF data communications 
HI ports to conduct data communications with said data processing system. The mobile units are 
ti assigned to one of the RF ports by a cell controller, and the cell controller is arranged to receive 
first data communications from the data processing system and to relay the data communications 
to an assigned RF port and to receive second data communications from the RF ports and relay 
the second data communications to the data processing system. 

In accordance with the invention there is provided a method for operating a 
wireless local area network having at least one RF port, a plurality of mobile units and a cell 
controller coupled to the RF port. The RF is operated port to relay signals received from mobile 
units to the cell controller and to relay signals received from the cell controller to the mobile 
units. The cell controller is operated to control association of the mobile units with the RF port, 
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including sending and receiving association signals between the RF port and the cell controller, 
and to send messages to and from the mobile unit via the RF ports. 

In accordance with the invention there is provided an improvement in a mobile 
unit for use in a wireless data communications system, wherein the unit has a data processor and 
programs for the data processor and a wireless network adapter having a programmed processor 
and a radio module. The programmed processor performs first communications processor 
functions including control of the radio module and flie data processor operates under the 
programs to perform second communications processor functions, including association with a 
radio access location of the wireless data communications system. 

According to the invention there is provided an improvement in a wireless data 
communications system for providing data communications following a standardized protocol, 
wherein the protocol includes association of mobile imits with radio access locations. At least 
one RF port is provided at a radio access location, which RF port comprises a radio module and 
an RF port processor in data communications with a programmed computer. The RF port 
processor performs first functions of the standardized protocol and the programmed computer 
performs second fimctions of the standardized protocol, including the association of mobile units 
with said radio access location. 

According to tiie invention there is provided an RF port for use in a wireless data 
communications system comprising a radio module having a data interface and a 
transmitter/receiver for wireless data communications; and a digital signal processor having first 
and second data communications ports, random access memory and read-only memory. The 



second data communications port is coupled to the data interface of said radio module. The read- 
only memory is provided with a bootloader program for controlling the digital signal processor to 
load program instructions to the random access memory via the fu^it communications port. 
According to the invention there is provided a method for operating an RF port having a radio 
module, a digital processor, random access memory and read-only memory. A bootloader 
program is stored in the read-only memory. The digital processor is operated to download 
instructions from a computer to the random access memory using the bootloader program and the 
RF port is operated under the downloaded instructions to send and receive messages using the 
radio module. 

According to the invention there is provided a method for transmitting signals 
having a wireless signal format using an RF port having a wu:ed netwo± interface, a data 
processor and an RF module. Signals are provided to the wired network interface having wireless 
address data and message data within a data packet addressed to the RF port using a protocol for 
the wired network. The processor is operated to provide wireless data signals having the wireless 
signal format for the address data and the message data to said RF module and operating the RF 
module is operated to transmit the wireless data signals as an RF signal modulated with the 
wireless signal format. 

According to the invention there is provided a method for transmitting signals 
having a wireless signal format using an RF port having an Ethernet interface, a data processor 
and an RF module. An Etiiemet data packet is provided to the Ethernet interfece, the Ethernet 
data packet encapsulating as data a data message having the wireless signal format. The data 
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processor is operated to provide the data message to the RF module. The RF module is operated 
to transmit the data message as an RF signal. 

According to the invention there is provided a method for receiving signals having 
a wireless signal format including wireless address data and message data at an RF port having a 
wired network interface, a data processor and an RF module. The RF module is operated to 
receive RF signals having the wireless signal format. The data processor is operated to receive 
wireless data signals from the RF module and provide data signals to the wired network interface 
comprising a data packet having a source address corresponding to the RF port using a protocol 
for the wired network, the data packet including the wireless address data and the message data. 

According to the invention there is provided a method for receiving RF message 
signals having a wireless signal format including an address data format and message data using 
an RF port having an Ethernet interface, a data processor and an RF module. The RF message 
signals are received in the RF module and provided as data signals to the data processor. The 
data processor is operated to interpret address data in the data signals and, in dependence on the 
address data, said message data and said address data is encapsulated in an Ethernet packet, 
which is provided to the Ethernet interface. 

In accordance with the invention there is provided a simplified wireless local area 
network system including a computer having a data processor md a memory, an RF port having 
an RF port data processor, an RF module and a data communications interface coupled to the 
computer. A first program is provided in the memory of the computer for operating the computer 
data processor to perform first wireless data communications ftinctions, including association 



with mobile units. A second program is provided for operating the RF port data processor to 
perform second wireless data commimications functions. 

According to the invention there is provided a wireless access device for 
providing wireless access to a communication system. The device includes a modem for sending 
and receiving data messages on the communications system and an RF port, having a data 
interface coupled to the modem, a data processor and an RF module. The data is programmed to 
receive data messages from the modem, to format the messages for wireless data 
communications and to provide the formatted messages to the RF module for transmission by RF 
data signals to at least one remote station, and to receive RF data signals from the at least one 
remote station, and to provide data messages to the modem to be sent on the communications 
system. 

According to the invention there is provided a method for providing wireless 
access to the Internet. A modem having a data communications interface connected to an RF 
port is connected to the Intemet. The RF port is configured for wireless data communication to 
at least one mobile imit having a predetermined wireless commimications address. A mobile unit 
configured with the predetermined wireless communications address is provided for conducting 
RF data communications with the RF port. The RF port is arranged to relay commimications 
between the mobile unit and the modem. 

The apparatus and methods of the present invention provide RF ports as radio 
access locations which are less expensive than known access points and provide greater system 
management and flexibility. Much of the software used for controlling communications to and 



from mobile units is performed in a controller wherein software upgrades and changes are easily 
implemented. According to some embodiments, wherein instructions are downloaded to RF 
ports, it becomes easy to upgrade RF port instructions. System control is centralized, making 
management easier and enabling changes to access control and encryption ftmctions. Priority for 
traffic purposes can also be established to facilitate digital telephony by giving priority to voice 
traffic. Accordingly, a system is provided that has significant flexibility using common RF port 
hardware to provide a wireless LAN having from one to hundreds of radio access locations. 

According to the invention, the same RF port may provide multiple ESS 
identifications such that each ESS identification is associated with a separate virtual wireless 
local area network having its own policies and security. 

For a better understandmg of the present invention, together with other and fiirther 
embodiments thereof, reference is made to the following description, taken in conjunction with 
the accompanying drawings, and its scope will be pointed out in the appended claims. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 is a block diagram of a wireless communications system in accordance 
with the present invention. 

Figure 2 is a block diagram illustrating one example of a mobile unit arranged to 
be used in the system of Figure 1 . 

Figure 3 is a block diagram illustrating one example of an RF port for the system 

of Figure L 

Figure 4 is a more detailed block diagram of a preferred embodiment of an RF 
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port in accordance with the invention. 

Figure 5 is a block diagram of an arrangement of a computer and RF port for 
providing a simplified wireless local area network according to the present invention. 

Figure 6 is a block diagram of an arrangement for providing wireless access to the 
Internet using the RF port of the present invention. 

Figure 7 is a diagram showing signal format according to one embodiment of the 

invention. 

Figure 8 is a diagram showing an compilation of RF ports having multiple ESS 
arrangements for providing overlapping, multiple wireless networks. 

DESCRIPTION OF THE INVENTION 
Referring to Figure 1, there is shown an example of a wireless data 
conmiunications system 10 according to the present invention for providing data communications 
between a central computer or a collection of computers on a wired network 16 and a plurality of 
mobile units 20. While prior systems used access points at each radio access location, where the 
access points are capable of managing wireless communications with mobile units, the system of 
Figure 1 uses simplified RF ports 18 at each radio access location to provide radio packet 
commimications with the mobile units 20 using a wireless communications protocol, such as 
IEEE Standard 802. 11, whereby the radio modules in the mobile units 20 monitor polling signals 
from the RF ports 18, which are originated by the cell controllers 14 and associate with an RF 
port 18 for purposes of data communications. The system arrangement of Figure 1 is especially 
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effective in a large wireless local area network (LAN) system wherein it may be necessary to 
provide a large number of radio access locations. Typically such systems, operating at low 
power microwave frequencies, require radio access locations at about every 100 feet. Where the 
wireless LAN system must operate with mobile units, for example, portable computers or similar 
devices, located throughout a large facility, such as a business, hospital complex or university 
campus, many such radio access locations maybe required, possibly several hundred. 
Accordingly there is an incentive to reduce the cost of the installation at each radio access 
location. According to the present invention the system configuration and operation are 
redesigned to reduce the cost of each individual radio access point. In addition, the system of the 
present invention provides a concentration of operational control in one or more central 
controllers 14, making management of the system easier and making modifications and upgrades 
easier to install. 

According to the invention, much of the functionality of the 802.1 1 protocol 
associated with the conventional access point, is removed from the device located at the radio 
access location and provided in a cell controller 14, which may be located in conjunction with a 
switching hub 12, connected to flie wired networic 16, with which the wireless network 10 is 
associated. In particular the usual "access point" device is replaced with a simpler device 18, 
herein referred to as an "RF port" which contains the RF module, which may be the same RF 
module used in the prior art access point, and simplified digital circuits to perform only a limited 
portion of the 802.1 1 media access control (MAC) fimctions performed by the prior art access 
point. In particular the RF port 18 preferably performs only functions of the access point that 
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require a lower level of processing resources in terms of processor capacity and software 
complexity (memory requirement), and which are time critical. Other functions that are more 
processor intensive and require more complex programming, and which are not time critical, are 
relegated to one or more "cell controllers" 14, which may perform these more complex functions 
for a plurality of RF ports 1 8. 

Li order to perform the higher level processing functions of the access point in the 
cell controller 14, according to the present invention, all messages directed to or from mobile 
units 20 associated with a particular RF port 18 are processed in a cell controller 14. A system 
may have one or more cell controllers, which may comprise, e.g. Pentium-type board level 
computers, each of which is arranged and programmed to handle data message traffic and mobile 
unit associations for a selected plurality of RF ports 18. A switching hub 12 maybe interposed 
to provide message switching among the wired network connected to communications line 16, 
RF ports 18 and cell controllers 14. Each of the one or more cell controllers 14 acts as a virtual 
"access point" for traffic addressed to its associated RF ports 18 and to the mobile units 20 
associated with those RF ports. When a message is addressed to a mobile unit 20 is received on 
line 16, switching hub 12 directs the message to the appropriate cell controller 14, which 
reformats the message and relays the message to the appropriate RF port 18, again through 
switching hub 12. When the message is received by an RF port 18, it is converted to a radio 
message and sent to the mobile unit 20 with a minimum of processing. 

Likewise, when a message is received from a mobile unit 20 by an RF port 18, it 
is converted to a digital message packet and relayed to the cell controller 14 associated with the 
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RF port 18 through the switching hub 12. The cell controller 14 parses the message for further 
relay in the system. 

An important feature of a preferred embodiment of the invention is the fact that 
mobile unit association with the RF ports 18 is a function handled by the cell controller 14. 
Accordingly, when a mobile unit 20 first becomes active, it sends an association request signal in 
response to a beacon signal sent by an RF port 1 8 (in response to direction by the cell 
controller). The association request signal is relayed by the RF port 18 to the cell controller 14, 
which performs the processing required for association, including consideration of RF port 
loading. Cell controller 14 generates appropriate response signals to be sent by the RF port 18 to 
the mobile unit 20. The cell controller 14 is in an appropriate position to evaluate the loading of 
the RF ports 18 under its control, and may therefore easily perform load leveling functions, for 
example, by providing a message to RF port 18 accepting or declining an association request. In 
addition, the cell controller 14 may receive load messages from other cell controllers 14 in the 
sj^tem 10 and thereby coordinate overall load management. As a mobile unit 20 moves from a 
location serviced by one RF port 18 to a location serviced by a different RF port 18, the cell 
controller 14 receives information from the mobile unit 20 indicative of its reception of beacon 
signals from the various RF ports in the system and performs the necessary functions to support 
roaming of mobile unit 20. 

While in the system 10 of Figure 1 the cell controllers 14 are shown as separate 
computers connected to switching hub 12, the term "cell controller" is intended to refer to the 
logical fimctions performed by these computers rather than the computers themselves. As will 

-14- 



become apparent, the cell controller may be implemented in a variety of ways other than as 
shown in the exemplary system 10 of Figure 1. 

Lnplementation of a simplified RF port is achieved by performing "higher leveF 
functions of the 802. 11 protocol Media Access Control (MAC) in the cell controller and 
performing "lower level" fimctions in a simplified RF port. 

The lower level fimctions are those that are hardware intensive and often time 
critical. The higher level fimctions are those that are software intensive and not time critical. 
One possible division of the exemplary 802.1 1 MAC fimctions is as follows: 
Lower Level Functions (preferably to be performed at RF port) 

Cyclic Redundancy Check (CRC) 

Network Activity Vector (NAV) 

Ready to Send/Clear to Send (RTS/CTS) 

Header generation/parsing 

Collision Avoidance 

Frequency Hopping 

Ack parsing/generating 

Retransmission timeout 
Higher Level Functions (preferably to be performed at Cell Controller) 

Association processing 

Roaming 

Retransmission 
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Rate Control 
Host Interface 

The following optional (higher or lower) level MAC functions can be placed in either the higher 
or lower level categories. 

Wired Equivalent Privacy encryption/decryption (WEP) 

Fragmentation/Reassembly 

Data Movement 

Power Save Polling Support (PSP) 
According to a preferred arrangement of the system of the invention, the lower level MAC 
functions are provided at the RF port , the higher level MAC functions are provided in the cell 
controller and the optional level functions can be provided at either the cell controller or the RF 
port. 

A major advantage of the invention is a cost savings in hardware, processor 
capacity and storage capacity for the RF port. Since a system with, for example, one hundred or 
more radio access locations may be implemented witii one or two cell controllers, the processor 
hardware and memory required for the higher level MAC functions need be provided only at the 
cell controllers. In fact, the capabilities of the overall system, for WEP encryption and other 
special fimctions, can be increased at modest cost by using a high performance board level 
personal computer or even a host computer as a cell controller. 

By eliminating the higher level MAC functions from the radio access locations, 
the cost of the devices installed at those locations can be significantly reduced because of lower 
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processor capacity and storage. 

In connection with association and roaming functions the RF ports 18 provide 
beacon signals in response to commands generated by the cell controller 14. When an 
association sequence is initiated by a mobile unit, the RF port 18 relays the association messages 
between the mobile unit 20 and the cell controller 14 during the association process, which is 
handled by the cell controller 14. 

Li connection with message traffic to a mobile unit 20 from a network processor, 
message packets are routed by switching hub 12 to the cell controller 14 responsible for the 
mobile unit 20 addressed. The message is buffered and formatted by the cell controller 14 and in 
a preferred arrangement encapsulated by the cell controller 14 as a mobile unit packet within a 
wired network packet addressed to the responsible RF port 18. This packet is routed to the RF 
port 18. The RF port 18 extracts the mobile unit packet from the message and sends the packet 
to mobile unit 20 as a radio signal. The RF port 14 may also provide a CRC calculation and 
generate CRC data to be added to the message. The mobile unit 20 responds with an 
acknowledgment signal to the RF port 18, which generates and sends an acknowledgment status 
message to cell controller 14. 

In connection with messages for systems coimected to the wired network 16, the 
mobile unit 20 sends a packet to the RF port 18 by radio signal. The RF port 18 filters received 
radio message packets according to the BSS (Basic Service Set) identifier in the packet and, if 
the packet has a BSS identifier associated with the RF port 18, performs the CRC check as the 
packet is received. The RF port 14 then generates and sends an acknowledgment signal to the 
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mobile unit 20 and sends the received packet to cell controller 14. Cell controller 14 buffers, 
parses and, if necessary, decrypts the packet and routes the packet to the host on network 16 
through hub 12. 

The arrangement of RF port 18 maybe identical to current access points used in 
the Spectrum 24 system with some of the access point software non-functional. Preferably the 
RF ports are simpUfied to reduce cost and power consumption. To reduce installation expenses 
the RF ports are powered via an Ethernet cable, which also connects RF ports 18 to switching 
hub 12 or to cell controller 14. The RF ports can be arranged in a small package (e.g. portable 
radio size) with integrated diversity antennas and arranged for easy mounting, such as by 
adhesive tape or Velcro. Connection to the switching hub 12 is by Ethemet cable which is also 
provided with D.C. power, such as by use of a choke circuit, such as Pulse Model P0421 as 
described in my referenced Intemational Application. The choke circuit may be built into an 
Ethemet connector and is available in this configuration. 

The RF port 18 does not have to perform Ethemet address filtering and does not 
have to perform 802. 1 1 association and roaming functions and can therefore have a lower level 
of processor capacity, software support, memory and power consumption, hi one embodiment 
shown in Figure 3 the RF port 1 8 includes only a digital signal processor (DSP) 38 which 
includes internal RAM and ROM. The DSP 38, which may be one of the Texas Instruments 
TMS 320 family of DSP processor, such as the 5000 series, specifically the TMS 320 UC 5402 
or the TMS 320 VC 5402. This DSP provides an interface between the Ethemet cable 46 and the 
RF module 42 in RF port 1 8, as shown in Figure 3. The RF module 42 is provided in housing 36 
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with DSP 38, DC/DC power supply 40 and carrying one or more antennas 44. RF module 42 
includes a 3860 or 3861 baseband processor, such as HFA 3860B, to interface with the digital 
portion of the RF port 18, specifically DPS 38. In one arrangement the ROM memory of the 
DSP 38 can be provided with "bootloadef firmware that downloads the necessary DSP software 
instructions from the cell controller 14 upon startup of the RF port 18, and loads the instruction 
into the RAM of the DSP 38. 

The processors that are currently preferred as a possible lower level MAC engine are the 
TMS320UC5402 and the TMS320VC5402. These parts are functionally identical except for 
differences in power consumption (the VC5402 is currently in production and while the UC5402 
is still being sampled). The basic configuration of the UC5402A^C5402 is: 

- 100 MIPS execution rate 

- 8 KB on chip ROM (organized as 4K x 16 bits) 

" 32KB on chip RAM (organized as 16K x 16 bits) 

- Two 16 bit timers with 1 fis or better resolution 

- Two High speed, full duplex serial ports (up to 50 Mbits/sec each) with smart DMA channel 
support 

- One High speed 8 bit wide host/parallel port (160 Mbit/sec) 

- Six DMA channels for general purpose use 

- 16 bit external memory/IO Bus with internal wait state generation 

- 16 interrupts with 3 instruction (30ns) worst case latency 
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- 0,54 mW/MHz power consumption (30niA@1.8v at 100 MHz) 

- Low Power Modes {6mA^ 2mA, 2^ depending on setting) 

- Internal PLL that generates the system clock with an external crystal 

This section will describe the use of a 5402 DSP 38 as a MAC engme for 1 1 
Mbit/sec 802.1 1 DS systems. It could clearly be used in FH systems as well. We will focus on the 
how the 5402 interfaces to the Intersil 3860/1 baseband processor in RF module 42 and how it 
implements the lower level MAC functions. 

The first issue is how the 5402 DSP 38 mterfaces to the 3861 (much of what is 
said applies to the 3860 as well) and the rest of the RF module 42. As shown in Figure 4, the 
3861 processor 53 in RF module 52 of RF port 50 has 2 major mterfaces, both serial. The first 
interface, labeled DATA, is used to transfer data between the MAC engine comprising DSP 64 
and the 3861. It has four lines: TxD, TxC, RxD, and RxC and operates at up to 1 1 Mbits/sec. The 
exact rate depends on the transfer rate of the packet The clock signals of both interfaces are 
generated by the 3861 and so transfers are controlled by the 386 L Both can be halted at any time 
by the 3861 as well as change rate. The second serial interface, labeled CONTROL is used to 
load commands into the 3861 and read status information from the 3861. This interface is a 4 
wire bi-directional interface using one data line, one clock line, one "direction control" Ime, and 
a chip select line. This serial interface also can operate at up to 1 1 Mbits/sec. In addition to the 
serial interfaces, there are additional control and status lines such as Reset, TX_PE, RX_PE, 
TX^RDY, etc.. 

The 5402 DSP 38 has two sets of fiill duplex serial interfaces that are capable of 
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operation up to 50 Mbits/sec (given a 100 MHz clock). They can be clocked using internal or 
external sources. In this design one of the sets of serial interfaces, labeled SERl, is used to 
connect to the high speed data lines of the 3861 interface 53. The 5402 DSP 38 interfaces have 
the same basic lines (RxD, RxC, TxD, TxC) as does the 3861 and so they connect with mmimal 
trouble. Although the 5402 uses 1.8v for its core, its I/O lines are 3.3v tolerant and so can 
interface to the 3861 without converters. In addition, they are fully static and so can deal the 
start/stop operation of the clock lines from the 3861. 

Data transfer will be done under DMA control within the 5402 using what TI calls 
"Auto Buffering Mode." This provides essentially dedicated DMA channels for each serial port 
interface (two DMA chaimels per serial port interface). These channels access an independently 
operating bank of SRAM and so transfers have no impact on CPU performance. The CPU can 
start transfers in either direction and be notified via interrupt on their completion. 

Literfacing to the control serial port on the 3861 interface 53 can be done in three 
different ways. The first, illustrated in Figure 4, utilizes the second serial port, labeled SER 2 on 
the 5402 DSP 64 with a small amount of combinatorial logic/buffering to convert between the 
single data line of the 3861 and the dual data lines of the 5402. Another approach is to use an 
external shift register that would perform serial/parallel conversion. This register would sit on the 
I/O bus of the 5402 and would be loaded/read by the 5402 and data shifted between it and the 
3861 . The third approach is to use an external buffer/latch on the 5402 I/O bus and "bit bang" the 
clock/data lines to the 3861. The second or third approaches free up the second serial channel for 
more other use such as providing high speed serial interfaces such as Ethernet or USB and in 
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some applications would be preferred over the first. All require a small amount of external 
combinatorial logic and so the cost of all solutions is about the same. 

The same logic would apply to interfacing to the synthesizer. It is accessed even 
less often than the control port of the 3861 and so a "bit banging" approach would work fine. 

Finally, interfacing to the various control and status lines presented by the 3861 
can be done via simple bi-directional register/latch connected to the I/O bus of the 5402. The 
5402 can read/write this register as it needs to control and monitor the 3861 . It would be possible 
to combine all control/monitor fimctions (including the serial control interface) into a single 16 
bit buffered register latch. Parallel control/status lines would be connected to particular lines of 
iMs latch. Serial control interfaces would also be connected and "bit banged" as necessary to 
move data between the 5402 and 3861. 

The arrangement shown in Figure 4 uses a Crystal CS 8900 A Ethernet controller 
63 coupled to the parallel port of DSP 64 to interface to the Ethernet port 58. An Ethernet 
connector/choke 58 receives cable 60 and provides DC power firom cable 60 to DC/DC power 
supply 62. The Figure 4 RF port 50 includes spaced diversity antennas 54, 56 to improve 
reception in multipath conditions. 

A premise of this design is that the TI DSP is capable of implementing all lower 
level MAC fimctions without external hardware assistance. This, of course, is the most 
demanding model but we will find that the 5402 is up to the task. The most computational 
demanding tasks are the CRC-32 and WEP processing. The CRC-32 calculation is performed 
over the entire packet and must be completed in time to generate an ACK should the CRC turn 
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out to be correct (or to attach the calculation result to an outgoing packet on transmission). This 
means that the CRC calculation must be performed in near real-time during packet transfer 
between the 3861 and 5402. TI has shown in an application note that a CRC*32 calculation can 
be made by a 5000 series DSP in 13 instructions. At 100 MIPS this is about 130ns. At 11 
Mbit/sec, a byte takes about 770ns to transfer and so we have plenty of time to do the CRC. 
When receiving a packet, the serial port would be transferring the data from the 3861 to SRAM 
within the 5402. At the same time the CPU within the 5402 would be reading each received byte 
from SRAM and calculating the CRC. It would of course have to make sure that it did not 
overrun the receive buffer, but that would be a relatively simple task. Much the same process 
would happen during transmission. In either case, the CPU has lots of time to do the CRC. 

The WEP processing if performed in the RF port 50, is a harder fimction to 
perform than CRC-32 since it includes botii an RC4 encryption fimction and a second CRC-32. 
At the same time it does not need to be completed prior to ACK generation/reception nor is 
performed on every packet (just data packets). The RC4 encryption function consists of two 
parts: building the encryption table (a 256 byte table) using the selected key and doing the 
encryption/decryption process. Based on sample code, it is estimated that building the table 
would require about 1200 instructions (12ms at 100 MIPS) and the encryption/decryption process 
would require about 12 instructions/byte. There is no difference in this cost for 40 or 128 bit 
keys. The WEP CRC-32 would require another 13 instructions per byte. 

The per byte computational burden for WEP would thus be about 25 instructions 
or about 250ns at 100 MIPS. When added to the packet CRC-32, the total load would be around 
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38 instructions/byte. As we pointed out, at 1 1 Mbit/sec we have about 77 instructions/byte 
available, so we are spending about 50 % of the CPU on CRCAVEP tasks. The biggest issue is 
the 1200 clocks (12us) required to build tiie encryption table during receive (For transmission, 
the calculation can be done prior to starting packet transfer). Pausing to create the table would 
put the CPU about 18 bytes (12us at 770ns/byte) behind in the CRC/WEP/CRC calculation 
process. It would require about 40 data bytes to catch up (1200 clocks/ 30 extra clocks per byte) 
in both packet CRC and WEP/CRC functions. Since the minimum TCP/IP header is at least 40 
bytes (plus any user data), we should have enough time. In any case if we are a little late in 
WEP/CRC calculation, no harm is done. An alternative approach would be to catch up first for 
the packet CRC calculation and then catch up with WEP/CRC. 

After CRC and WEP/CRC processing, the next most critical activity is header 
parsing on receive and generation on transmit. This is because of the need to identify packets for 
the station and generate appropriate responses. On receive, the processor must parse two or three 
48 bit addresses and at least a 16 bit header command field. After the packet completes, an ACK 
may need to be generated. 

The 5402 can easily handle these fimctions. Since these fimctions are performed 
prior to WEP processing, the CPU has 64 instructions/byte (77-13) to perform these fimctions. 
Since many of them can be performed on a 16 bit or even 32 bit basis (the 5402 supports both 16 
and 32 operations), there may be up to 128 or 256 instructions per data item (i.e. 256 instructions 
to perform a 32 bit address check). These functions are performed at 2 Mbit using a 1 MIPS 188 
CPU. We have a 100 MIPS CPU to do the same tasks at 1 1 Mbit/sec, 
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ACK generation is likewise relatively simple. An ACK frame is only 14 bytes 
long, including the 4 CRC-32. Given there is a long (80us) preamble, we have 8000 instructions 
to prepare the ACK. The same applies to RTS/CTS exchanges. 

There are two 16 bit timers available on the 5402. In this model, one would be 
used for TSF timing and the other for all other functions. There are really only a few other timer 
functions: NAV, Retransmission, collision avoidance slot countdown, etc.. Retransmission and 
collision avoidance activities go on only when waiting for an ACK or to start a retransmission 
after detection of an idle network. In such cases there is no data transfer going on and so there is 
lots of CPU cycles available. 

Support for MU PSP function can be done in a variety of ways, depending on how 
much, if any, external hardware is provided. The 5402 provides a variety of means of conserving 
power. The first is simply to slow down the CPU clock via the software controlled PLL within 
the unit. The 5402 generates intemal clocks via a PLL that is driven by either an external crystal 
or clock. The PLL multiplies the base frequency of the crystal/external clock by a factor 
determined by software. Hence one means of controlling power consumption is simply to slow 
down the CPU clock. Since the CPU portion of the processor consumes most of the power, 
slowing it down has the biggest affect on power consumption. 

The second approach is use one of the IDLE modes of the processor. IDLEl stops 
the CPU clock entirely but leaves everything else running. Power consumption in this mode is on 
the order of 6mA at 1 OOMHz. The CPU can be restarted by any interrupt (intemal or external). In 
IDLE2 the system clock is stopped and this reduces consumption to 2mA. In IDLES, all system 
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functions are stopped and consumption is reduced to around 2ua. In all cases all state is retained. 
In IDLE2 and IDLE3, an external interrupt is required to restart the CPU. In such cases an 
external, low power timer would be required. 

Thus with no extemal hardware, power consumption could be reduced to at least 
6rrLA. and perhaps less. With a simple extemal timer, one could get down to microamps. 

The bottom line is that the vast CPU power of the 5402 allows all lower level 
MAC functions to be performed in software. Furthermore it has sufficient power and memory to 
handle additional ''higher level*' functions such as packet retransmission, fragmentation, and 
reassembly that can also be done in a cell controller. 

The system 10 of the present invention is compatible with IEEE Standard 820.1 1 
and accordingly will operate with any mobile units 20, including existing units, which are 
compatible with the same standard. However, the improvements applied to the RF ports 18, 
reducing the complexity and cost of these units can also be applied to the mobile units 20, which 
have sufficient main processor capacity to handle the mobile unit functions corresponding to the 
higher order MAC functions. 

Referring to Figure 2 there is shown a block diagram for a mobile unit 20 having a 
mobile unit computer 22 and a WLAN adapter 24 connected thereto to provide wireless 
communications to the system 10 of Figure 1. In the mobile unit 20 of Figure 2, the lower level 
MAC functions are performed in WLAN adapter 24, which also includes RF module 28 and 
antenna 29. The configuration of WLAN adapter 24 may be similar to existing adaptors, but 
preferably adapter 24 is simplified to perform only the lower level MAC functions of the IEEE 
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802.1 1 protocol and allow special software 34 in host computer 22 to perform the higher level 
MAC fimctions, such as association and roaming. In a preferred arrangement the MAC functions 
of adapter 24 are performed in a digital signal processor 26, as described below, which may be 
the same type DSP described with respect to RF port 50. 

This section addresses how the 5402 DSP could be used as a MAC engine in 
Mobile Unit configurations. There are two considerations in building MU WLAN solutions. The 
first is the location of those MAC functions, while the second is the physical interface to the 
host. 

The location of the upper level MAC fimctions may vary considerably. Some 
possibilities are: 

- All functions on MAC engine DSP processor 26 

- All functions on host processor 22 

- Roaming/association on host processor 22, rest on MAC engine 26 

- Roaming/association/retransmission on host 22, rest on MAC aigine 26. The choice of the 
location of tiie higher level MAC functions has a major impact on the cost of MU WLAN 
adapter. If one is willing to place at least some of the higher level functions on a host processor 
22, then one could get by with just tiie 5402 on the WLAN adapter. Possible functions to place 
on the host would be roaming and association control. Higher level functions such as 
retransmission and fi^gmentation/reassembly could be left on the 5402. This split would permit 
significant savings, since another processor/memory subsystem would not be needed on the 
WLAN adapter. There are two reasons for not placing all of tiie MAC functions on the 5402. The 
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first is memory space on the 5402 is only 32KB of SRAM for both code and data. In some MAC 
implementations such as frequency hop, the code space alone exceeds 32 KB. The second reason 
is that the software on the 5402 is oriented toward meeting hard, real-time tasks such as CRC and 
WEP processing. Trying to add software intensive tasks would only complicate the process. 

If another processor was required, such as an ARM or perhaps a second 5000 
Series processor, the upper level fimctions could be added to it. 

Alternatively one could place all the MAC fimctions on a faster and/or bigger 
version of the 5402 processor. Such a processor would likely have a higher clock rate (current 
members of the 5000 Series can be clocked as high as 160 MIPS) and more memory ( say 64 KB 
instead of 32KB). 

Both the second processor as well as a faster/bigger 5402 would consume 
additional power as well as adding cost. 

This section will describe one approach of how a MU WLAN adapter can be 
arranged for various hardware host interfaces using the 5402. It assumes that enough of the upper 
level MAC fimctions have been offloaded to a host processor so that only the 5402 is required on 
the PLAN adapter. A second processor could be added to any of the solutions outlined below. 

In all of the following solutions, it is assumed that the runtime code for the 5402 
is loaded from an extemal source (such as computer 22) via the host interface 32. This eliminates 
the need for flash memory on the adapter card, saving several dollars in the process. It should be 
pointed out tiiat the 5402 comes with 8KB of mask programmable ROM and a bootloader 
program (required for the USB and Ethernet host interfaces) would be placed in it. The 
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bootloader would be smart enough to download the runtime code instructions over whatever 
serial interface was available. 

The simplest interface of all would be for a host to use the Host Port on the 5402. 
This port operates as a dual port interface into the memory within the 5402. It would not be a 
standard interface but would be quite suitable for dedicated systems. Using it, computer 22 can 
read/write memory on a random or sequential basis. It is an 8 bit interface and can operate as fast 
as 160 Mbit/sec. When operated in random access mode, the computer 22 generates a 16 bit 
address using two writes to the port and then performs either a read or write operation. Such a 
mode allows a host to set up command blocks and the like within the memory of the 5402. 
Sequential mode allows a host to transfer data in and out of the 5402 memory very quickly (160 
Mbit/sec). This would be used for transferring data. 

If this approach was used, the only digital component on the WLAN adapter 
would be the 5402. 

In the system of Figure 1, the cell controller 14 is a board level personal computer 
coupled to the switching hub 12 preferably by 10 M bit and 100 Mb Ethernet ports. For smaller 
systems a 350 MHz Pentium computer with 16 MB RAM may be used. For larger systems 
having many RF ports a 500 MHz Pentiimi with 64MB RAM is appropriate. Communications to 
and from the wired network are preferably carried out at 100 MHz. Communications to and from 
RF ports may be carried out at 10 MHz. A second cell controller may be supplied for larger 
systems and/or to provide backup in the event one cell controller fails. Reliability can be 
enhanced by providing dual fans and dual power supplies. A flash disk memory may be used for 
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reliability. Alternately, the cell controller 14 may be built into the switching hub 12 or into a host 
processor. 

The operating system for the cell controller 14 may be a real time operating 
system, such as VRTX or QNX, which provides multitasking, a foil network stack and utiUties. 
Web based management utilities, which are client side Java based, are provided for maintaining 
the configuration of the cell controller 14, the RF ports 18 and status of the mobile imits 20. 

The cell controller 14 includes applications to provide mobile unit association 
management, roaming and packet buffer management. These applications are similar to those 
performed by current access points in the Spectrum 24 system. The cell controller 14 may also 
provide QoS support, user authorization and configuration management Placing these fonctions 
on a personal computer cell controller facilitates system management and program updates using 
available programming tools. Further, modifications to authorization or management fimctions 
need only be installed into the cell controller 14, and no modification to the software of the RF 
ports 18 is required. 

The cell controllers 14 handle routing of all messages to or fi-om the mobile unit. 
The cell controller buffers message packets received from the wired network and determines the 
appropriate RF port 18 with which the addressed mobile unit 20 is associated and sends the 
packet to the RF port 18. The cell controller 14 can additionally perform WEP 
encryption/decryption and the CAC associated therewith. 

The cell controller 14 may also the additional fimction of maintaining and 
downloading firmware to the RF ports 18. Upon power up the RF ports 18 use a bootloader 
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routine stored in ROM to send a download request to cell controller 14. The cell controller then 
downloads finnware to the RF port 1 8, including configuration information such as channel 
assignment, ESS and BSS identification. The cell controller 14 and RF ports 18 additionally 
share a common TSF clock. 

The mobile unit computer 22 of mobile unit 20 is provided with similar software 
to perform tihie higjier level MAC fimctions as outlined above. Advantageously, the software 34 
can be programmed using the same operating system as provided for the computer, and thereby 
provide a user inter&ce, such as Windows, which is familiar to die user. The mobile unit 
software 34 provides the MAC functions of header building, roaming and association. The 
mobile unit computer 22 may also download firmware to the processor in the WLAN adapter 24. 

As evident fiom the forgoing description, flie hardware for RF port 18 and WLAN 
adapter 24 of mobile unit 20 can be substantially similar, with the possible exception of the 
interface to an Ethernet network or to a mobile imit host Further, the logical cell controller 
ftmction and the higher order MAC fimctions performed by the mobile unit host processor can be 
performed on any computer system. 

Using the RF port 18 of the present invention coupled to a computer system, it is 
possible to provide either a mobile unit or a wireless network according to the software provided. 
Since the software for RF port 18 may be downloaded from a host S3^tem a simple combination 
of a computer and one or more RF ports can fimction as either a WLAN mobile unit as a WLAN 
host or both, by providing fimction selectable firmware to the processor in the RF port. 

In the arrangement shown in Figure 5, a personal computer 70 is provided with 
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software 72 and connected to one or more RF ports 50A, SOB to provide a complete host system 
for wireless data comimimcations. This arrangement could be used, for example, in a small 
business wherein office equipment is connected to server 70 by a wired network for conventional 
LAN operation and one or more RF ports 50 are also connected to server 70 on the LAN system 
to provide data communications between the server 70 and mobile units. The server can perform 
the higher order MAC functions and download firmware msfructions to the RF ports. 
Altanatively, tiie firmware instructions can be installed on PROM memory in flie RF ports. 

Figure 6 shows an arranganent for providing wireless access to the hitemet usmg 
the RF port 50 of the present invention. Ihtemet access over communications line 80 to modem 
82 may be provided by cable, DSL or fiber optical transmission. RF port 50 may be provided 
with MAC firmware on PROM or may be configured with a bootloader program to download 
firmware fi-om an ISP server. When installed in a home or ofQce, mobile units 20 can associate 
wifli RF port 50 to initiate hitemet access. The ISP server may perform the higher level MAC 
fiuiction, or they may be provided in RF port 50. 

The mobile units 20 may be the personal computers 22 in a home or office wifli a 
WLAN ad^ter 24 as shown in Figure 2. 

Figure 7 illustrates an example of communications formats that might be used in 
the various system embodiments of the presait invention. The Figure 7 example assumes that 
the configuration includes a host 90 connected to a dedicated cell controller 14, which is likewise 
connected to RF port 18. It should be clearly understood that the logical cell controller functions 
may be pafoimed in host 90, particularly in a simple system. 
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In flie Figure 7 example host 90 sends message "A" having 100 data bytes via an 
Ethernet packet 100 to cell controller 14. Packet 100 has a destination address of the Mobile unit 
(Ml), a source address of the host (H) and includes data (A). Cell controller 14 formats the data 
in 802.1 1 format with the destination corresponding to mobile unit (MUl) 20. The cell 
encq)sulates this 802. 1 1 packet with data A into an Ethernet packet 104 addressed to RF port 1 
(RFl) from the cell controller (cell controllCT). 

RF port 18 receives tiie Ethemet packet 104 from cell controller 14 and generates 
[:[ and sends an RF packet 1 12 in 802.1 1 format to mobile unit 20. including data A. It should be 
?:J imderstood lhat 802.11 header generation can be provided at either the ceUcoiitroller 14 or the 

RFport 18,butpacket 104 must inchide mobile unit identification data either as an 802. 11 
in header or otherwise to enable RF port 18 to generate the header. RF port 18 additionally 
[=j performs tiie CRC computation and adds the result to tiie 802.11 packet 112. 
iJj A second message •'B" having 1500 bytes of data is also shown as originating as 

g Etiiemet packet 102 from host 90 to cell controUer 14. Cell contix)ller fluents data message B 
into tiiree fragments Bl, B2 and B3 to accommodate the 500 byte data limit of 802.11 packets. 
These three fragments are sent as Ethtanet packets 106, 108, 1 10 to RF port 1 8, which tiansmits 
RF signal packets 1 14, 1 16, 1 1 8 to mobile unit 20. 
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Reverse communication is similar. Message C has 100 bytes and is sent by 
mobile unit 20 to RF port 18 as 802.11 RF signal packet 200. RF port 18 encapsulates this 
message into Etliemet packet 208 and sends it to cell controller 14, which extracts the destination 
information and data to provide Ethernet message 216 to the host 90. A larger message D is sent 
as message fragments 202, 204, 206 to RF ports 18, relayed as Ethernet packets 210, 212, 214 to 
cell controller 14 and sent as a reassembled Ethernet packet 218 to host 90. 

Referring now to Figure 8, shown is an application of the central controller/RF port 
model that may be used to_ set multiple overlapping ESS LANs for use in the same or overlapping 
ph3^ical space. Shown in Figure 8 is a central controller 260 which is associated with two RF 
ports, RF port 1 250 and RF port 2 270. The central controller 260 may be associated with more 
than two RF ports, but two are shown for illustration purposes. Each RF port 250, 270 provides 
coverage for a wirel^s LAN in the physical areas 240, 310. 

Figure 8 further illustrates the concept of providing multiple ESS identifications through 
the same RF port and cell controller such that each ESS identification is associated with a 
separate virtual wireless local area network having its own policies and security. Thus, RF port 1 
250 may be configured so as to support separate BSS networks 1 A 230, IB 220 and IC 210, all 
of which occupy the same physical space 240. The RF port may support more than three BSS 
networks, but three are shown for illustration purposes. Similarly, RF port 2 270 may be 
configured so as to support BSS networks 2A 300, 2B 290 and 2C 280. all of which occupy the 
same physical space 310. Using the configuration as shown in Figure 8, multiple ESS LANs 
may be coordinated by the central controller 260 in the physical space 240 and 310. ESS A 
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personnel, such as airport employees, may have access to the public level and also have access to 
the airport operational network. The security-based network would be available for select airport 
personnel such as management and security officers. 

The cell controller performs the function of determining which ESS network a mobile 
unit communicating with an RF port associated with the cell controller is operating on, and 
thereby controls the direction of conmixmication from the cell controller to the network. The cell 
controller can verify the multiple levels of security provided in connection with the access by the 
mobile unit devices, and in addition can prioritize communications so that higher priority 
communications such as security communications are given greater access to the system during 
higher traffic conditions. For example, in the three-tier embodiment discussed above, the 
security network could have a feature to disallow all other network access in an emergency 
situation. 

A similar multi-virtual LAN network may be also useful in a health care facility wherein 
different networks are used for security, medical care, personal and public information. 

The architecture described herein offers advantages in several discrete areas of wireless 
network management. 

Bandwidth Management 

An aspect of functionality that can be realized in connection with the configuration 
described herein is to modify the bandwidth of communications in accordance with the type of 
device with which the communication is associated. For example, where a data set comprises an 
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image, for example retrieved from the Internet, the resolution of the image can be modified in the 
cell controller to accommodate the resolution capacity of a portable device. Therefore, rather 
than provide a highly detailed image of the type that can be displayed on a personal computer, an 
image-bearing message can be reduced in resolution in the cell controller to a lower resolution, 
compatible with a portable device, such as a personal digital assistant. By tiierefore reducing the 
resolution of the image being sent, the bandwidth and data capacity necessary to send the image 
can be significantly reduced. 

Another fimctionality available with the configuration described herein is to control the 
individual RF ports according to the traffic experienced by the system. For example, the cell 
controller can assigned an RF port experiencing a high volume of communication to a different 
channel, such as a reserve channel on which no other RF ports are operating. This will minimize 
interference in communications conducted with a particular RF port that is experiencing high 
volume. In this manner the RF port may be the only RF port operating on the particular, reserve 
channel. The cell controller has real time information available to it in order to make the changes 
in the RF port configuration to accommodate changing load conditions. 

A wireless system may also contain RF ports sending and receiving overlapping 2.4 GHz, 
Bluetooth, and 5 GHz signals. These signals will have differing frequencies, power levels, and 
data rates. Because the cell controller will monitor all features of the frequencies generated by 
the RF ports and will know the locations of the RF ports, the cell controller will have the ability 
to optimize the frequency, power level and data rates in the physical space for the best possible 
performance. 
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The cell controller provides a central location for interfacing the WLAN with WAN 
features that may be accessed by users. For example, the cell controller can coordinate the 
processing necessary to enable voice over IP (VoP), i.e. compression or user allocations. 
Compression is particularly enhanced using a cell controller because the cell controller can 
maintain the necessary historical dictionaries needed for efficient compression algorithms in one 
location that applies to all RF ports. The cell controller can also proxy to access a SIM database 
for WAN users in advance of actually needing this data to perform operations. 

The cell controller allows additional functionality to the WLAN at all levels while 
maintaining the compatibility in the MAC level necessary for IEEE 802.1 1 systems. One such 
example would network management features that are not present in the 802. 1 1 protocol but 
would be useful to operate at the cell controUer/RF port level. An embodiment of this is to 
monitor the software versions present in the MUs in a WLAN and send out updated versions 
when each MU "checks in" with the cell controller. Ultimately this allows the costs of APs/RF 
ports to remain relatively inexpensive. 

Other aspects of routing traffic through the cell controller is tiie ability to detect 
interference and noise and the ability to control the transmit power of particular RF ports. For 
example, the cell controller can command the RF port to provide the signal level they are 
receiving when there is no communication (background noise or interference) to the cell 
controller. This can be used to provide an analysis of the system operation or to provide the 
detection of background interference and its location. 
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Security 

Anotiier available function of this architecture is control of association, since all 
association is handled in a cell controller. Accordingly, where a "public access only" device 
attempts to associate with the system in a secure area such as, for example, an airport control 
tower, where a member of the public should not be, the fact of this association attempt can be 
noted in the cell controller and automatically give notice to security personnel. The cell 
controller can additionally deny or permit access to a mobile unit attempting to associate with an 
RF port according to traffic at the RF port as observed at the cell controller. The cell controller 
tiiereby has a measure of control over roaming and can command a mobile unit as to which RF 
port to become associated with, hideed, under many WLAN architectures, APs do not coordinate 
with each other to determine if they are being probed in such a way that an attempt to break 
security may be occurring. In contrast, a cell controller can monitor all such probing to 
determine if an attack may be taking place. Logs of such probing may be kept. In addition, 
authentication protocols may be centraUzed in the cell controller instead of on a central server, 
creating greater efficiency. 

Another important aspect of control of association and roaming in the cell controller is 
the fact that the cell controller can perform a "soft-roaming" function. Soft-roaming takes place 
when the cell controller changes ownership of the BBS identification between RF units. In 
essence the cell controller has the ability to tell a mobile unit which RF port it will communicate 
through. In connection with doing so it is possible for one RF port to monitor traffic to another 
RF port and thereby advise the cell controller that it has the cj^ability of receiving signals firom 
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that particular mobile unit. The cell controller has the ability to control the access of the mobile 
units to RF ports according to traffic as observed in the cell controller. One aspect of the system 
is that the intelligence in the cell controller interacts with the intelligence in the mobile unit to 
control association. The RF port has no part in this and accordingly there is a greater ability to 
centrally managed the flow of traffic through the RF port. Another aspect is to provide an 
arrangement in the cell controller wherein only one RF port can perform secure data 
communication. When a mobile unit desires a secure link, the cell controller can switch the 
mobile unit to a particular RF port for secure communications. In essence the unit is capable of 
providing a virtual RF port. The switching of the BSS identification between RF ports takes 
place in the cell controller and the mobile unit has no idea that it has been given the bait and 
switch. Another aspect of the centralized management is security, in that if a mobile unit which 
does not have access authorization attempts a number of times to gain access to the system, the 
security program in the cell controller can provide an alert and in essence lock out further 
attempts by that mobile imit 
Location tracking 

In the architecture described herein, because RF ports are cheaper than typical APs, there 
may be more RF ports in a given area than APs. This proUferation of RF ports will allow 
location tracking to take place. Moreover, one RF port has the ability to "snoop" and listen in to 
the traffic between another RF port and a mobile unit The cell controller cm take all this data in 
and use time stamping based on the arrival of data. Such information can be passed through the 
Ethernet to a processor tiiat can determine location. 
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Diagnostic capability 

An important capability which the cell controller can also implement is the diagnostic 
capability. As an initial calibration when a system is first brought into operation the cell 
controller can cause the RF ports to go through a sequence in which the RF ports communicate to 
each other. In this way the signal level of each RF port, as observed at one or more other 
RF ports, can be monitored and the radio location of the RF ports can be mapped, for example, to 
create altemative RF ports to which traffic can be switched in the event of excess traffic on any 
particular RF port. Accordingly using RF signals the cell controller can dynamically discover the 
RF locations and signal characteristics between RF ports. Each RF port in this case would 
provide the cell controller with an indication of the strength of the signals received. The cell 
controller can also record the background noise level. Following the initial calibration of the 
system the cell controller can undertake periodic diagnostics, wherein signals are sent from one 
RF port to another and the signal level is relayed to the cell controller to determine whether if the 
transmitters and receivers are operating properly. In this respect, the signals received can be 
compared to the base line signal levels which have been recorded at the cell controller as a 
calibration level. Changes in background noise can also be determined and this can be used to 
detect a problem with a receiver in the system. 

While there has been described what is believed to be claimed in the above-identified 
application those skilled in the art will recognize that other and further modifications may be 
made without departing from the scope of the invention and it is intended to claim all such 
changes and modifications as fall within the true scope of the invention. 
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